<?php
/**
 * 密码存入数据库中
 */
//session_start();
include "../util/DBUtil.php";
//$login_type = $_SESSION['login_type'];//登录类型
include "../util/PromptAction.php";

$id = $_POST['id'];
$pwd = $_POST['password'];
$db = new DBUtil();
$sql = "update tb_student set password=?,flag=0 where id=?";
if ($login_type==0){//学生
    //查询学生是否修改过一次密码
    $sql = "select flag from tb_student where id=? ";
    $params = array($id);
    $result = $db->query($sql,$params)[0];
    if ($result['flag']==1){
        echo "<script>alert('你修改过一次密码，不能修改');window.open('../view/welcome.php','info')</script>";
    }
    $sql = "update tb_student set password=?,flag=1 where id=?";
}elseif ($login_type==2){//教师修改密码
    $sql = "update tb_teacher set password=? where id=?";
}
$params = array($pwd, $id);
$statue = $db->update($sql, $params);
if ($login_type!=1){//不是管理员修改密码，修改密码后重新登录
    echo "<script>alert('密码修改成功，请重新登录')</script>";
    header("Location: ../login.php");
}
showStatue($statue);
echo "<script>window.open('../view/password.php','info')</script>";